#!/bin/bash

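# Provision an Unbound resolver that serves the static "etcd.com." zone
# (SRV, A and PTR records for three etcd members), then point this host's
# /etc/resolv.conf at it and run a few lookups as a smoke test.
#
# Environment:
#   DNS_ALLOWED_NET  IPv4 CIDR allowed to query the resolver
#                    (default: 192.168.56.0/24).
set -euo pipefail

# Network permitted to query this resolver. The original configuration used
# "access-control: 0.0.0.0/0 allow" together with "interface: 0.0.0.0", which
# makes the host an open recursive resolver for anyone who can reach port 53.
# The default below is assumed to be the /24 containing the MASTER0x addresses;
# confirm it against the real network layout. Unbound's built-in defaults
# already allow localhost.
DNS_ALLOWED_NET="${DNS_ALLOWED_NET:-192.168.56.0/24}"
readonly cidr_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}/[0-9]{1,2}$'
if [[ ! "$DNS_ALLOWED_NET" =~ $cidr_re ]]; then
  # The value is spliced into a sed script and a config file, so reject
  # anything that is not a plain IPv4 CIDR.
  printf 'error: DNS_ALLOWED_NET must be an IPv4 CIDR, got: %s\n' \
    "$DNS_ALLOWED_NET" >&2
  exit 2
fi

readonly UNBOUND_CONF=/etc/unbound/unbound.conf

sudo dnf -y install unbound bind-utils
sudo systemctl enable --now unbound

# Insert the listener and ACL at line 18 of the packaged unbound.conf.
# NOTE(review): line 18 is assumed to fall inside the "server:" clause of the
# distribution's default file; verify after package upgrades.
# The grep guard keeps a re-run from inserting the same lines again. It does
# not remove an "0.0.0.0/0 allow" line left by an earlier version of this
# script; check the file for one on hosts provisioned before this change.
acl_line=$'\t'"access-control: ${DNS_ALLOWED_NET} allow"
if ! sudo grep -qxF -- "$acl_line" "$UNBOUND_CONF"; then
  sudo sed -i \
    '18i\\tinterface: 0.0.0.0\n\taccess-control: '"${DNS_ALLOWED_NET}"' allow\n' \
    "$UNBOUND_CONF"
fi

readonly MASTER01=192.168.56.11
readonly MASTER02=192.168.56.12
readonly MASTER03=192.168.56.13

# Static zone data for etcd DNS discovery: peer (2380) and client (2379) SRV
# records plus forward and reverse records for each member.
sudo tee /etc/unbound/local.d/etcd-dns.conf <<EOF
local-zone: "etcd.com." static

local-data: "_etcd-server-ssl._tcp.etcd.com. 300 IN  SRV  0 0 2380 etcd0.etcd.com."
local-data: "_etcd-server-ssl._tcp.etcd.com. 300 IN  SRV  0 0 2380 etcd1.etcd.com."
local-data: "_etcd-server-ssl._tcp.etcd.com. 300 IN  SRV  0 0 2380 etcd2.etcd.com."

local-data: "_etcd-client-ssl._tcp.etcd.com. 300 IN SRV 0 0 2379 etcd0.etcd.com."
local-data: "_etcd-client-ssl._tcp.etcd.com. 300 IN SRV 0 0 2379 etcd1.etcd.com."
local-data: "_etcd-client-ssl._tcp.etcd.com. 300 IN SRV 0 0 2379 etcd2.etcd.com."

local-data: "etcd0.etcd.com.  300  IN  A  $MASTER01"
local-data: "etcd1.etcd.com.  300  IN  A  $MASTER02"
local-data: "etcd2.etcd.com.  300  IN  A  $MASTER03"

local-data-ptr: "$MASTER01 etcd0.etcd.com."
local-data-ptr: "$MASTER02 etcd1.etcd.com."
local-data-ptr: "$MASTER03 etcd2.etcd.com."
EOF

# Validate the edited configuration before restarting, so a bad edit does not
# take the resolver down.
sudo unbound-checkconf

sudo systemctl daemon-reload
sudo systemctl restart unbound

# Inspect / change the DNS server of the NetworkManager connection instead:
# sudo nmcli con show "System eth1"
# sudo nmcli connection modify "System eth1" ipv4.dns 192.168.56.11
# sudo nmcli connection down "System eth1"; sudo nmcli connection up "System eth1"

# Clear the immutable flag so resolv.conf can be rewritten. This fails when
# the file does not exist yet or the filesystem has no attribute support, so
# report it and carry on; the write below fails loudly if the file is still
# protected.
sudo chattr -i /etc/resolv.conf \
  || printf 'warn: could not clear immutable flag on /etc/resolv.conf\n' >&2
sudo tee /etc/resolv.conf <<EOF
nameserver 192.168.56.11
EOF
# Set the immutable flag again so other tooling cannot overwrite the file.
sudo chattr +i /etc/resolv.conf

# Smoke test: the SRV and A records defined above must resolve.
dig +noall +answer SRV _etcd-server-ssl._tcp.etcd.com
dig +noall +answer SRV _etcd-client-ssl._tcp.etcd.com
dig +noall +answer etcd0.etcd.com etcd1.etcd.com etcd2.etcd.com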